Skip to content

The Chaos breaks german elections, again

Actually, the election was broken before, and the Chaos Computer Club just happened to be the only one looking closely enough, again. (German PDF)

Ten years ago, they broke the digital elections in Hamburg, which were to be based on the Digitaler Wahlstift. Because of that, and Wij vertrouwen stemcomputers niet there is actually a completely offline paper record that can be used to rebuild election results from hand.

So this time CCC looked at the electrion result collection and tabulation software, PC-Wahl 10. And found something uses default passwords of the calibre test/test, using FTP based unsigned software updates, and using no secure way whatsoever to transmit and validate election results.

„Elementary principles of IT-security were not heeded to. The amount of vulnerabilities and their severity exceeded our worst expectations“, says Linus Neumann, a speaker for the CCC that was involved in the study.

If there is ever a valid use case for the Blockchain
Merkel Merkle Trees, it’s probably this.

Published inDeutschlandHackerterrorcybercyberNeuland

One Comment

  1. Markus I.

    Wieso kommt mir die Melodie “Sweet dreams” in den Kopf. “Feuer frei” wäre sinnvoller?

    Vermutlich kommt dann morgen das Statement von der Firma vote-it GmbH, dass ja die Wahl-Rechner eh nicht am Interner klemmen. Oder sie sage, dass das dass SSL-Modul nicht bestellt wurde. Oder so.

Leave a Reply

Your email address will not be published. Required fields are marked *